30 matches found
CVE-2017-12757
CVE-2017-12757 affects Ambit Technologies Pvt. Ltd. products, including iTech B2B Script 4.42i, Tech Business Networking Script 8.26i, Tech Caregiver Script 2.71i, Tech Classifieds Script 7.41i, Tech Dating Script 3.40i, Tech Freelancer Script 5.27i, Tech Image Sharing Script 4.13i, Tech Job Scri...
CVE-2017-12757
Certain Ambit Technologies Pvt. Ltd products are affected by: SQL Injection. This affects iTech B2B Script 4.42i and Tech Business Networking Script 8.26i and Tech Caregiver Script 2.71i and Tech Classifieds Script 7.41i and Tech Dating Script 3.40i and Tech Freelancer Script 5.27i and Tech Image...
CVE-2018-20380
Ambit DDW2600 5.100.1009, DDW2602 5.105.1003, T60C926 4.64.1012, and U10C019 5.66.1026 devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests...
Design/Logic Flaw
Ambit DDW2600 5.100.1009, DDW2602 5.105.1003, T60C926 4.64.1012, and U10C019 5.66.1026 devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests...
CVE-2018-20380
Ambit DDW2600 5.100.1009, DDW2602 5.105.1003, T60C926 4.64.1012, and U10C019 5.66.1026 devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests...
CVE-2018-20380
CVE-2018-20380 affects Ambit devices: DDW2600 5.100.1009, DDW2602 5.105.1003, T60C926 4.64.1012, and U10C019 5.66.1026. The vulnerability allows remote attackers to disclose credentials by issuing specific SNMP requests (iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and .2.0). Exploitation is described as r...
泛微oa /webservice/upload.php /webservice/upload/upload.php 等多处任意文件上传
任意文件上传共四处,属于同一个漏洞 文件位置 /webservice/upload.php /webservice/upload/upload.php /webservice-json/upload/upload.php /webservice-xml/upload/upload.php 四处都有如下代码 没有对文件有任何验证,无须登陆 文件上传之后的位置是: $path = $ATTACHPATH.$attachmentID; $fileName = $path."/".$FILES'file''name'; moveuploadedfile $FILES'file''tmpname'...
SNMP Public Community String Zero Day in Routers Disclosed
Researchers have discovered previously unreported problems in SNMP on embedded devices where devices such as secondary market home routers and a popular enterprise-grade load balancer are leaking authentication details in plain text. The data could be extracted by gaining access to the read-only...
RoadRunner Cablemodem Remote Root
Hello. This is the introduction to a large-scale RoadRunner Cable-Router exploit on the Ambit U10C019 CableModem. Basically, the default Cable Router that RoadRunner/TimeWarner gives to its customers by default: 1 Allows for remote login with user: admin, password: cableroot. 2 Allows remote acce...
Ambit Default Password (deprecated)
Binary data 4839.prm...